PERMIS
Encyclopedia
PERMIS is a sophisticated policy-based authorisation system that implements an enhanced version of the U.S. National Institute of Standards and Technology (NIST) standard Role-Based Access Control (RBAC) model. PERMIS supports the distributed assignment of both roles and attributes to users by multiple distributed attribute authorities, unlike the NIST model which assumes the centralised assignment of roles to users. PERMIS provides a cryptographically secure privilege management infrastructure (PMI
) using public key encryption technologies and X.509
Attribute certificates to maintain users' attributes. PERMIS does not provide any authentication mechanism, but leaves it up to the application to determine what to use. PERMIS's strength comes from its ability to be integrated into virtually any application and any authentication scheme like Shibboleth (Internet2)
, Kerberos
, username/passwords, Grid
proxy certificates and Public Key Infrastructure (PKI
).
As a standard RBAC system, PERMIS's main entities are an authorisation policy, a set of users, a set of administrators (attribute authorities) who assign roles/attributes to users, a set of resources that are to be protected, a set of actions on resources, a set of access control rules, and optional obligations and constraints. The PERMIS policy is eXtensible Markup Language (XML
)-based and has rules for user-role assignments and role-privilege assignments, the latter containing optional obligations that are returned to the application when a user is granted access to a resource. A PERMIS policy can be stored as either a simple text XML file, or as an attribute within a signed X.509 attribute certificate to provide integrity protection and tampering detection. User roles and attributes may be held in secure signed X.509 attributes certificates, and stored in Lightweight Directory Access Protocol (LDAP) directories or Web-based Distributed Authoring and Versioning (WebDAV
) repositories, or they may be created on demand as Security Assertion Markup Language (SAML
) attribute assertions.
The PERMIS authorisation engine comprises two components: a Credential Validation Service that validates users' roles according to the user-role assignment rules, and the Policy Decision Point (PDP) that evaluates users' access requests according to the role-permission assignment rules (or access control rules). Access to a resource depends upon the roles/attributes assigned to the user, and the role-permission assignments, which can contain constraints based on the user's access request (e.g. "print less than 10 pages") and the environment (e.g. time of day). PERMIS can work in either push mode (the user attribute assignments are sent to PERMIS by the application) or in pull mode (PERMIS fetches the attribute assignments itself from LDAP/WebDAV repositories or SAML attribute authorities). PERMIS is an open source
project and the Java source code can be downloaded from http://www.openpermis.org. Alternatively, precompiled Java libraries can be downloaded from http://sec.cs.kent.ac.uk/permis/.
PERMIS is unique with its support for cryptographically protecting the user attributes/roles and the policy, which guarantees their integrity and protects them from being tampered with. New features are continually being added to it, like a standard eXtensible Access Control Markup Language (XACML
) interface which allows PERMIS and XACML PDPs to be seamlessly interchanged, the ability to accept SAML
attribute assertions, support for dynamic delegation of authority and separation of duty policies, and the recent addition of a controlled natural language interface (in English) for writing simple PERMIS policies.
PMI
-Computer science:* Portable Management Interface, a platform-dependent interface defined by Sun Microsystems used in network management* pmi , a command line utility for power management...
) using public key encryption technologies and X.509
X.509
In cryptography, X.509 is an ITU-T standard for a public key infrastructure and Privilege Management Infrastructure . X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation...
Attribute certificates to maintain users' attributes. PERMIS does not provide any authentication mechanism, but leaves it up to the application to determine what to use. PERMIS's strength comes from its ability to be integrated into virtually any application and any authentication scheme like Shibboleth (Internet2)
Shibboleth (Internet2)
Shibboleth is an Internet2 project that has created an architecture and open-source implementation for federated identity-based authentication and authorization infrastructure based on Security Assertion Markup Language . Federated identity allows for information about users in one security domain...
, Kerberos
Kerberos
Kerberos may refer to:* Cerberus, the hound of Hades * Kerberos saga, a science fiction series by Mamoru Oshii* Kerberos , a computer network authentication protocol* Kerberos Dante, a character from Saint Seiya...
, username/passwords, Grid
Grid
Grid or The Grid may refer to:In entertainment and media:* The Grid, an electronic dance group* Kevorkian Death Cycle, a music group formerly called Grid* The Grid , a 2001 third person shooter...
proxy certificates and Public Key Infrastructure (PKI
Public key infrastructure
Public Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...
).
As a standard RBAC system, PERMIS's main entities are an authorisation policy, a set of users, a set of administrators (attribute authorities) who assign roles/attributes to users, a set of resources that are to be protected, a set of actions on resources, a set of access control rules, and optional obligations and constraints. The PERMIS policy is eXtensible Markup Language (XML
XML
Extensible Markup Language is a set of rules for encoding documents in machine-readable form. It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards....
)-based and has rules for user-role assignments and role-privilege assignments, the latter containing optional obligations that are returned to the application when a user is granted access to a resource. A PERMIS policy can be stored as either a simple text XML file, or as an attribute within a signed X.509 attribute certificate to provide integrity protection and tampering detection. User roles and attributes may be held in secure signed X.509 attributes certificates, and stored in Lightweight Directory Access Protocol (LDAP) directories or Web-based Distributed Authoring and Versioning (WebDAV
WebDAV
Web-based Distributed Authoring and Versioning is a set of methods based on the Hypertext Transfer Protocol that facilitates collaboration between users in editing and managing documents and files stored on World Wide Web servers...
) repositories, or they may be created on demand as Security Assertion Markup Language (SAML
SAML
Security Assertion Markup Language is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider...
) attribute assertions.
The PERMIS authorisation engine comprises two components: a Credential Validation Service that validates users' roles according to the user-role assignment rules, and the Policy Decision Point (PDP) that evaluates users' access requests according to the role-permission assignment rules (or access control rules). Access to a resource depends upon the roles/attributes assigned to the user, and the role-permission assignments, which can contain constraints based on the user's access request (e.g. "print less than 10 pages") and the environment (e.g. time of day). PERMIS can work in either push mode (the user attribute assignments are sent to PERMIS by the application) or in pull mode (PERMIS fetches the attribute assignments itself from LDAP/WebDAV repositories or SAML attribute authorities). PERMIS is an open source
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
project and the Java source code can be downloaded from http://www.openpermis.org. Alternatively, precompiled Java libraries can be downloaded from http://sec.cs.kent.ac.uk/permis/.
PERMIS is unique with its support for cryptographically protecting the user attributes/roles and the policy, which guarantees their integrity and protects them from being tampered with. New features are continually being added to it, like a standard eXtensible Access Control Markup Language (XACML
XACML
XACML stands for eXtensible Access Control Markup Language. The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate authorization requests according to the rules defined in policies.As a published standard...
) interface which allows PERMIS and XACML PDPs to be seamlessly interchanged, the ability to accept SAML
SAML
Security Assertion Markup Language is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider...
attribute assertions, support for dynamic delegation of authority and separation of duty policies, and the recent addition of a controlled natural language interface (in English) for writing simple PERMIS policies.
See also
- authorisation
- Identity managementIdentity managementIdentity management is a broad administrative area that deals with identifying individuals in a system and controlling access to the resources in that system by placing restrictions on the established identities of the individuals.Identity management is multidisciplinary and covers many...
- Java Authentication and Authorization ServiceJava Authentication and Authorization ServiceJava Authentication and Authorization Service, or JAAS, pronounced "Jazz", is a Java security framework for user-centric security to augment the Java code-based security...
(JAAS) - Lightweight Directory Access ProtocolLightweight Directory Access ProtocolThe Lightweight Directory Access Protocol is an application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network...
(LDAP) - RBAC (Role-Based Access Control)
- X.509X.509In cryptography, X.509 is an ITU-T standard for a public key infrastructure and Privilege Management Infrastructure . X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation...
- ShibbolethShibbolethA shibboleth is a custom, principle, or belief distinguishing a particular class or group of people, especially a long-standing one regarded as outmoded or no longer important...
- SAMLSAMLSecurity Assertion Markup Language is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider...
(Security Assertion Markup Language) - KerberosKerberosKerberos may refer to:* Cerberus, the hound of Hades * Kerberos saga, a science fiction series by Mamoru Oshii* Kerberos , a computer network authentication protocol* Kerberos Dante, a character from Saint Seiya...
- XACMLXACMLXACML stands for eXtensible Access Control Markup Language. The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate authorization requests according to the rules defined in policies.As a published standard...
(eXtensible Access Control Markup Language) - PKIPublic key infrastructurePublic Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...
(Public Key Infrastructure)